CVE-2023-31320

HIGH

AMD Radeon Software - Denial of Service via Improper Input Validation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-31320. PoCs published by whypet.

AI-analyzed exploit summary This is a functional proof-of-concept exploit for CVE-2023-31320, a denial-of-service vulnerability in the AMD display driver. The code uses Direct3D 11 to trigger a crash by sending malformed commands to the GPU, corrupting the display.

Description

Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service.

Exploits (1)

nomisec WORKING POC 6 stars
by whypet · poc
https://github.com/whypet/CVE-2023-31320

This is a functional proof-of-concept exploit for CVE-2023-31320, a denial-of-service vulnerability in the AMD display driver. The code uses Direct3D 11 to trigger a crash by sending malformed commands to the GPU, corrupting the display.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: AMD display driver (affected versions listed in AMD-SB-6003)
No auth needed
Prerequisites: System with an AMD GPU and vulnerable driver · Direct3D 11 capable environment
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0126
EPSS Percentile 66.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (6)
amd/radeon_pro_vega_56_firmware
amd/radeon_pro_vega_64_firmware
amd/radeon_rx_vega_56_firmware
amd/radeon_rx_vega_64_firmware
amd/radeon_software < 23.7.1
amd/radeon_software < 23.q3
Published Nov 14, 2023
Tracked Since Feb 18, 2026